FreeBSD Man Pages

AMD.CONF(5) FreeBSD File Formats Manual AMD.CONF(5)
NAMEamd.conf -- amd(8) configuration file
SYNOPSISamd.confDESCRIPTION
The amd.conf file is the configuration file for amd(8), as part of the
am-utils suite.
The amd.conf file contains runtime configuration information for the
amd(8) automounter program.
FILE FORMAT
The file consists of sections and parameters. A section begins with the
name of the section in square brackets and continues until the next sec-
tion begins or the end of the file is reached. Sections contain parame-
ters of the form ``name = value''.
The file is line-based -- that is, each newline-terminated line repre-
sents either a comment, a section name or a parameter. No line-continua-
tion syntax is available.
Section, parameter names and their values are case sensitive.
Only the first equals sign in a parameter is significant. Whitespace
before or after the first equals sign is discarded. Leading, trailing
and internal whitespace in section and parameter names is irrelevant.
Leading and trailing whitespace in a parameter value is discarded.
Internal whitespace within a parameter value is not allowed, unless the
whole parameter value is quoted with double quotes as in ``name =
"some value"''.
Any line beginning with a pound sign (#) is ignored, as are lines con-
taining only whitespace.
The values following the equals sign in parameters are all either a
string (no quotes needed if string does not include spaces) or a boolean,
which may be given as ``yes/no''. Case is significant in all values.
Some items such as cache timeouts are numeric.
SECTIONSThe[global]section
Parameters in this section either apply to amd as a whole, or to all
other regular map sections which follow. There should be only one global
section defined in one configuration file.
It is highly recommended that this section be specified first in the con-
figuration file. If it is not, then regular map sections which precede
it will not use global values defined later.
Regular[/map]sections
Parameters in regular (non-global) sections apply to a single map entry.
For example, if the map section [/homes] is defined, then all parameters
following it will be applied to the /homesamd-managed mount point.
PARAMETERSParameterscommontoallsections
These parameters can be specified either in the global or a map specific
section. Entries specified in a map-specific section override the
default value or one defined in the global section. If such a common
parameter is specified only in the global section, it is applicable to
all regular map sections that follow.
browsable_dirs (string, default=no)
If ``yes'', then amd's top-level mount points will be browsable to
readdir(3) calls. This means you could run for example ls(1) and
see what keys are available to mount in that directory. Not all
entries are made visible to readdir(3): the ``/default'' entry,
wildcard entries, and those with a `/' in them are not included.
If you specify ``full'' to this option, all but ``/default'' will
be visible. Note that if you run a command which will attempt to
stat(2) the entries, such as often done by ``ls -l'' or ``ls -F'',
amd(8) will attempt to mount every entry in that map. This is
often called a ``mount storm''.
map_defaults (string, default no empty)
This option sets a string to be used as the map's /defaults entry,
overriding any /defaults specified in the map. This allows local
users to override map defaults without modifying maps globally.
map_options (string, default no options)
This option is the same as specifying map options on the command
line to amd(8), such as ``cache:=all''.
map_type (string, default search all map types)
If specified, amd(8) will initialize the map only for the type
given. This is useful to avoid the default map search type used by
amd(8) which takes longer and can have undesired side-effects such
as initializing NIS even if not used. Possible values are:
exec executable maps
file plain files
hesiod Hesiod name service from MIT
ldap Lightweight Directory Access Protocol
ndbm (New) dbm style hash files
nis Network Information Services (version 2)
nisplus Network Information Services Plus (version 3)
passwd local password files
union union maps
mount_type (string, default=nfs)
All amd(8) mount types default to NFS. That is, amd(8) is an NFS
server on the map mount points, for the local host it is running
on. If ``autofs'' is specified, amd(8) will be an autofs server
for those mount points.
autofs_use_lofs (string, default=yes)
When set to ``yes'' and using Autofs, amd(8) will use lofs-type
(loopback) mounts for type:=link mounts. This has the advantage of
mounting in place, and users get to the see the same pathname that
they chdir'ed into. If this option is set to ``no'', then amd(8)
will use symlinks instead: that code is more tested, but negates
autofs's big advantage of in-place mounts.
search_path (string, default no search path)
This provides a (colon-delimited) search path for file maps. Using
a search path, sites can allow for local map customizations and
overrides, and can query distributed maps in several locations as
needed.
selectors_in_defaults (boolean, default=no)
If ``yes'', then the /defaults entry of maps will search for and
process any selectors before setting defaults for all other keys in
that map. Useful when you want to set different options for a com-
plete map based on some parameters. For example, you may want to
better the NFS performance over slow slip-based networks as fol-
lows:
/defaults \
wire==slip-net;opts:=intr,rsize=1024,wsize=1024 \
wire!=slip-net;opts:=intr,rsize=8192,wsize=8192
Deprecated form: selectors_on_default
Parametersapplicabletotheglobalsectiononlyarch (string, default to compiled in value)
Same as the -A option to amd(8). Allows you to override the value
of the archamd(8) variable.
auto_attrcache (numeric, default=0)
Specify in seconds (or units of 0.1 seconds, depending on the OS),
what is the (kernel-side) NFS attribute cache timeout for amd's own
automount points. A value of 0 is supposed to turn off attribute
caching, meaning that amd(8) will be consulted via a kernel-RPC
each time someone stat()'s the mount point (which could be abused
as a denial-of-service attack). Warning: some OSs are incapable of
turning off the NFS attribute cache reliably. On such systems, amd
may not work reliably under heavy load. See the README.attrcache
document in the Am-utils distribution for more details.
auto_dir (string, default=/a)
Same as the -a option to amd(8). This sets the private directory
where amd will create sub-directories for its real mount points.
cache_duration (numeric, default=300)
Same as the -c option to amd(8). Sets the duration in seconds that
looked-up or mounted map entries remain in the cache.
cluster (string, default no cluster)
Same as the -C option to amd(8). Specifies the alternate HP-UX
cluster to use.
debug_mtab_file (string, default=/tmp/mnttab)
Path to mtab file that is used by amd(8) to store a list of mounted
file systems during debug-mtab mode. This option only applies to
systems that store mtab information on disk.
debug_options (string, default no debug options)
Same as the -D option to amd(8). Specify any debugging options for
amd(8). Works only if am-utils was configured for debugging using
the --enable-debug option. The mem option alone can be turned on
via --enable-debug=mem. Otherwise debugging options are ignored.
Options are comma delimited, and can be preceded by the string
``no'' to negate their meaning. You can get the list of supported
debugging options by running amd-v. Possible values are:
all all options
amq register for amq(8)daemon enter daemon mode
fork fork server
full program trace
info info service specific debugging (hesiod, nis, etc.)
mem trace memory allocations
mtab use local ./mtab file
str debug string munging
test full debug but no daemon
trace trace protocol and NFS mount arguments
xdrtrace trace XDR routines
dismount_interval (numeric, default=120)
Same as the -w option to amd(8). Specify, in seconds, the time
between attempts to dismount file systems that have exceeded their
cached times.
domain_strip (boolean, default=yes)
If ``yes'', then the domain name part referred to by ${rhost} is
stripped off. This is useful to keep logs and smaller. If ``no'',
then the domain name part is left changed. This is useful when
using multiple domains with the same maps (as you may have hosts
whose domain-stripped name is identical).
exec_map_timeout (numeric, default=10)
The timeout in seconds that amd(8) will wait for an executable map
program before an answer is returned from that program (or script).
This value should be set to as small as possible while still allow-
ing normal replies to be returned before the timer expires, because
during the time that the executable map program is queried, amd(8)
is essentially waiting and is thus not responding to any other
queries.
forced_unmounts (boolean, default=no)
If set to ``yes'', and the client OS supports forced or lazy
unmounts, then amd(8) will attempt to use them if it gets any of
three serious error conditions when trying to unmount an existing
mount point or mount on top of one: EIO, ESTALE, or EBUSY.
This could be useful to recover from serious conditions such as
hardware failure of mounted disks, or NFS servers which are down
permanently, were migrated, or changed their IP address. Only
``type:=toplvl'' mounts hung with EBUSY are forcibly unmounted
using this option, which is useful to recover from a hung amd(8)).
full_os (string, default to compiled in value)
The full name of the operating system, along with its version.
Allows you to override the compiled-in full name and version of the
operating system. Useful when the compiled-in name is not desired.
For example, the full operating system name on Linux comes up as
``linux'', but you can override it to ``linux-2.2.5''.
fully_qualified_hosts (string, default=no)
If ``yes'', amd(8) will perform RPC authentication using fully-
qualified host names. This is necessary for some systems, and
especially when performing cross-domain mounting. For this func-
tion to work, the amd(8) variable ${hostd} is used, requiring that
${domain} not be null.
hesiod_base (string, default=automount)
Specify the base name for hesiod maps.
karch (string, default to karch of the system)
Same as the -k option to amd(8). Allows you to override the ker-
nel-architecture of your system. Useful for example on Sun (Sparc)
machines, where you can build one amd binary and run it on multiple
machines, yet you want each one to get the correct karch variable
set (for example, sun4c, sun4m, sun4u, etc.) Note that if not
specified, amd(8) will use uname(3) to figure out the kernel archi-
tecture of the machine.
ldap_base (string, default not set)
Specify the base name for LDAP. This often includes LDAP-specific
values such as country and organization.
ldap_cache_maxmem (numeric, default=131072)
Specify the maximum memory amd(8) should use to cache LDAP entries.
ldap_cache_seconds (numeric, default=0)
Specify the number of seconds to keep entries in the cache.
ldap_hostports (string, default not set)
Specify the LDAP host and port values.
ldap_proto_version (numeric, default=2)
Specify the version of the LDAP protocol to use.
local_domain (string, default no sub-domain)
Same as the -d option to amd(8). Specify the local domain name.
If this option is not given the domain name is determined from the
hostname by removing the first component of the fully-qualified
host name.
localhost_address (string, default to localhost or 127.0.0.1)
Specify the name or IP address for amd(8) to use when connecting
the sockets for the local NFS server and the RPC server. This
defaults to 127.0.0.1 or whatever the host reports as its local
address. This parameter is useful on hosts with multiple addresses
where you want to force amd(8) to connect to a specific address.
log_file (string, default=/dev/stderr)
Same as the -l option to amd(8). Specify a file name to log amd(8)
events to. If the string /dev/stderr is specified, amd(8) will
send its events to the standard error file descriptor. If the
string syslog is given, amd(8) will record its events with the sys-
tem logger syslogd(8). The default syslog facility used is
LOG_DAEMON. If you wish to change it, append its name to the log
file name, delimited by a single colon. For example, if logfile is
the string ``syslog:local7'' then amd(8) will log messages via
syslog(3) using the LOG_LOCAL7 facility (if it exists on the sys-
tem).
log_options (string, default no logging options)
Same as the -x option to amd(8). Specify any logging options for
amd(8). Options are comma delimited, and can be preceded by the
string ``no'' to negate their meaning. The ``debug'' logging
option is only available if am-utils was configured with
--enable-debug. You can get the list of supported debugging and
logging options by running amd-H. Possible values are:
all all messages
debug debug messages
error non-fatal system errors
fatal fatal errors
info information
map map errors
stats additional statistical information
user non-fatal user errors
warn warnings
warning warnings
map_reload_interval (numeric, default=3600)
The number of seconds that amd(8) will wait before it checks to see
if any maps have changed at their source (NIS servers, LDAP
servers, files, etc.). amd(8) will reload only those maps that
have changed.
nfs_allow_any_interface (string, default=no)
Normally amd(8) accepts local NFS packets only from 127.0.0.1. If
this parameter is set to ``yes'' then amd(8) will accept local NFS
packets from any local interface; this is useful on hosts that may
have multiple interfaces where the system is forced to send all
outgoing packets (even those bound to the same host) via an address
other than 127.0.0.1.
nfs_allow_insecure_port (string, default=no)
Normally amd(8) will refuse requests coming from unprivileged ports
(i.e. ports >= 1024 on Unix systems), so that only privileged users
and the kernel can send NFS requests to it. However, some kernels
(certain versions of Darwin, MacOS X, and Linux) have bugs that
cause them to use unprivileged ports in certain situations, which
causes amd(8) to stop dead in its tracks. This parameter allows
amd(8) to operate normally even on such systems, at the expense of
a slight decrease in the security of its operations. If you see
messages like ``ignoring request from foo:1234, port not reserved''
in your amd(8) log, try enabling this parameter and give it another
go.
nfs_proto (string, default to trying version tcp then udp)
By default, amd(8) tries TCP and then UDP. This option forces the
overall NFS protocol used to TCP or UDP. It overrides what is in
the amd(8) maps, and is useful when amd is compiled with NFSv3 sup-
port that may not be stable. With this option you can turn off the
complete usage of NFSv3 dynamically (without having to recompile
amd) until such time as NFSv3 support is desired again.
nfs_retransmit_counter (numeric, default=11)
Same as the retransmit counter part of the -ttimeout.retransmit
option to amd(8). Specifies the number of NFS retransmissions that
the kernel will use to communicate with amd(8).
nfs_retransmit_counter_udp (numeric, default=11)
Same as the nfs_retransmit_counter option, but for all UDP mounts
only.
nfs_retransmit_counter_tcp (numeric, default=11)
Same as the nfs_retransmit_counter option, but for all TCP mounts
only.
nfs_retransmit_counter_toplvl (numeric, default=11)
Same as the nfs_retransmit_counter option, but only for amd's top-
level UDP mounts.
nfs_retry_interval (numeric, default=8)
Same as the timeout interval part of the -ttimeout.retransmit
option to amd(8). Specifies the NFS timeout interval, in tenths of
seconds, between NFS/RPC retries (for UDP and TCP). This is the
value that the kernel will use to communicate with amd(8).
amd(8) relies on the kernel RPC retransmit mechanism to trigger
mount retries. The values of the nfs_retransmit_counter and the
nfs_retry_interval parameters change the overall retry interval.
Too long an interval gives poor interactive response; too short an
interval causes excessive retries.
nfs_retry_interval_udp (numeric, default=8)
Same as the nfs_retry_interval option, but for all UDP mounts only.
nfs_retry_interval_tcp (numeric, default=8)
Same as the
nfs_retry_interval
option, but for all TCP mounts only.
nfs_retry_interval_toplvl (numeric, default=8)
Same as the
nfs_retry_interval
option, but only for amd's top-level UDP mounts.
nfs_vers (numeric, default to trying version 3 then 2)
By default, amd(8) tries version 3 and then version 2. This option
forces the overall NFS protocol used to version 3 or 2. It over-
rides what is in the amd(8) maps, and is useful when amd is com-
piled with NFSv3 support that may not be stable. With this option
you can turn off the complete usage of NFSv3 dynamically (without
having to recompile amd) until such time as NFSv3 support is
desired again.
nis_domain (string, default to local NIS domain name)
Same as the -y option to amd(8). Specify an alternative NIS domain
from which to fetch the NIS maps. The default is the system domain
name. This option is ignored if NIS support is not available.
normalize_hostnames (boolean, default=no)
Same as the -n option to amd(8). If ``yes'', then the name
referred to by ${rhost} is normalized relative to the host database
before being used. The effect is to translate aliases into
``official'' names.
normalize_slashes (boolean, default=yes)
If ``yes'', then amd(8) will condense all multiple `/' (slash)
characters into one and remove all trailing slashes. If ``no'',
then amd(8) will not touch strings that may contain repeated or
trailing slashes. The latter is sometimes useful with SMB mounts,
which often require multiple slash characters in pathnames.
os (string, default to compiled in value)
Same as the -O option to amd(8). Allows you to override the com-
piled-in name of the operating system. Useful when the built-in
name is not desired for backward compatibility reasons. For exam-
ple, if the build in name is ``sunos5'', you can override it to
``sos5'', and use older maps which were written with the latter in
mind.
osver (string, default to compiled in value)
Same as the -o option to amd(8). Overrides the compiled-in version
number of the operating system. Useful when the built in version
is not desired for backward compatibility reasons. For example, if
the build in version is ``2.5.1'', you can override it to
``5.5.1'', and use older maps that were written with the latter in
mind.
pid_file (string, default=/dev/stdout)
Specify a file to store the process ID of the running daemon into.
If not specified, amd(8) will print its process ID onto the stan-
dard output. Useful for killing amd(8) after it had run. Note
that the PID of a running amd can also be retrieved via amq-p.
This file is used only if the print_pid option is on.
plock (boolean, default=yes)
Same as the -S option to amd(8). If ``yes'', lock the running exe-
cutable pages of amd into memory. To improve amd's performance,
systems that support the plock(3) or mlockall(2) call can lock the
amd process into memory. This way there is less chance that the
operating system will schedule, page out, and swap the amd process
as needed. This improves amd's performance, at the cost of reserv-
ing the memory used by the amd process (making it unavailable for
other processes).
portmap_program (numeric, default=300019)
Specify an alternate Port-mapper RPC program number, other than the
official number. This is useful when running multiple amd pro-
cesses. For example, you can run another amd(8) in ``test'' mode,
without affecting the primary amd process in any way. For safety
reasons, the alternate program numbers that can be specified must
be in the range 300019-300029, inclusive. The amq(8) utility has
an option -P which can be used to specify an alternate program num-
ber of an amd to contact. In this way, amq can fully control any
number of amd processes running on the same host.
preferred_amq_port (numeric, default=0)
Specify an alternate Port-mapper RPC port number for amd's amq(8)
service. This is used for both UDP and TCP. Setting this value to
0 (or not defining it) will cause amd(8) to select an arbitrary
port number. Setting the amq(8) RPC service port to a specific
number is useful in firewalled or NAT'ed environments, where you
need to know which port amd(8) will listen on.
print_pid (boolean, default=no)
Same as the -p option to amd(8). If ``yes'', amd will print its
process ID upon starting.
print_version (boolean, default=no)
Same as the -v option to amd(8), but the version prints and amd
continues to run. If ``yes'', amd will print its version informa-
tion string, which includes some configuration and compilation val-
ues.
restart_mounts (boolean, default=no)
Same as the -r option to amd(8). If ``yes'', amd will scan the
mount table to determine which file systems are currently mounted.
Whenever one of these would have been auto-mounted, amd inherits
it.
show_statfs_entries (boolean, default=no)
If ``yes'', then all maps which are browsable will also show the
number of entries (keys) they have when df(1) runs. (This is
accomplished by returning non-zero values to the statfs(2) system
call.)
truncate_log (boolean, default=no)
If ``yes'', then the log file (if it is a regular file), will be
truncated upon startup.
unmount_on_exit (boolean, default=no)
If ``yes'', then amd(8) will attempt to unmount all file systems
which it knows about. Normally amd leaves all (esp. NFS) mounted
file systems intact. Note that amd does not know about file sys-
tems mounted before it starts up, unless the restart_mounts option
or -r flag are used.
use_tcpwrappers (boolean, default=yes)
If ``yes'', then amd(8) will use the tcpd/libwrap tcpwrappers
library (if available) to control access to amd via the
/etc/hosts.allow and /etc/hosts.deny files.
vendor (string, default to compiled in value)
The name of the vendor of the operating system. Overrides the com-
piled-in vendor name. Useful when the compiled-in name is not
desired. For example, most Intel based systems set the vendor name
to ``unknown'', but you can set it to ``redhat''.
Parametersapplicabletoregularmapsectionsmap_name (string, must be specified)
Name of the map where the keys are located.
tag (string, default no tag)
Each map entry in the configuration file can be tagged. If no tag
is specified, that map section will always be processed by amd(8).
If it is specified, then amd will process the map if the -T option
was given to amd(8), and the value given to that command-line
option matches that in the map section.
EXAMPLES
Here is a real amd(8) configuration I use daily.
# GLOBAL OPTIONS SECTION
[ global ]
normalize_hostnames = no
print_pid = no
restart_mounts = yes
auto_dir = /n
log_file = /var/log/amd
log_options = all
#debug_options = all
plock = no
selectors_in_defaults = yes
# config.guess picks up "sunos5" and I don't want to edit my maps yet
os = sos5
# if you print_version after setting up "os", it will show it.
print_version = no
map_type = file
search_path = /etc/amdmaps:/usr/lib/amd:/usr/local/AMD/lib
browsable_dirs = yes
# DEFINE AN AMD MOUNT POINT
[ /u ]
map_name = amd.u
[ /proj ]
map_name = amd.proj
[ /src ]
map_name = amd.src
[ /misc ]
map_name = amd.misc
[ /import ]
map_name = amd.import
[ /tftpboot/.amd ]
tag = tftpboot
map_name = amd.tftpboot
SEE ALSOhosts_access(5), amd(8), amq(8)
``am-utils'' info(1) entry.
Erez Zadok, LinuxNFSandAutomounterAdministration, Sybex, 2001, ISBN
0-7821-2739-8.
http://www.am-utils.org/Amd-The4.4BSDAutomounter.
HISTORY
The amd(8) utility first appeared in 4.4BSD.
AUTHORS
Erez Zadok <ezk@cs.sunysb.edu>, Computer Science Department, Stony Brook
University, Stony Brook, New York, USA.
Other authors and contributors to am-utils are listed in the AUTHORS file
distributed with am-utils.
FreeBSD 10.1 April 21, 2006 FreeBSD 10.1